You can configure an integration node vault to store credentials, which can then be used
by the integration node and its managed integration servers to access secured resources.
About this task
An integration node vault is an App Connect Enterprise vault that can be used by
an integration node and the integration servers that it manages. Each integration node has its own
vault, with its own vault key, which is shared by all the integration servers that it manages. The
vault is created when the integration node is configured, and the integration servers that are
managed by the integration node have access to the vault.
Procedure
You can configure an integration node vault by using one of the following
methods:
- Using the mqsivault command
You can use the mqsivault command to create
or destroy a vault, to change or verify a vault key, or to retrieve credentials from a vault. The
vault stores the records in encrypted form. Credentials that are stored in an integration node vault
can be accessed by the integration node and all the integration servers that it manages.
You can copy the contents of a vault into another vault by using
the import and export options of the mqsivault command. You
can use the --export parameter to copy the contents of a vault into a temporary
archive (.zip file) and then use the --import parameter to import the contents
of the archive file into the target vault. The vault entries are stored in the archive using an
archive key to symmetrically encrypt and decrypt the values.
For more information about using the mqsivault command to
configure a vault, see mqsivault command and Configuring encrypted security credentials.
For information about creating, updating, retrieving, or deleting the security credentials, see
mqsicredentials command.
- Using the mqsicreatebroker command
If you create an integration node by running the mqsicreatebroker command, you can create a vault for that integration
node by specifying either the --vault-key or
--vaultrc-location parameter on the command. For more information about how to
use the command, see mqsicreatebroker command.